import { User } from '../models';
import { JWT_SECRET } from '../config';
const jwt = require('jsonwebtoken');

export const jwtVerify = str => {
  return new Promise((resolve, reject) => {
    jwt.verify(str, JWT_SECRET, function (err, decoded) {
      if (err) {
        reject(err);
        return;
      }
      resolve(decoded);
    });
  });
};

// 检查用户接口的token值是否有效，如果有效返回userid, 否则报 您尚未登录的错误
export const checkUserToken = async (ctx, next) => {
  if (ctx.header.authorization && ctx.header.authorization.split(' ').length === 2) {
    let token = ctx.header.authorization.split(' ')[1];
    if (token) {
      return new Promise(resolve => {
        jwt.verify(token, JWT_SECRET, async function (err, decoded) {
          if (err) {
            ctx.status = 401;
            ctx.body = { ok: false, msg: 'need login', err: err, authfail: true };
            await next();
            resolve(null);
            return;
          }
          if (decoded && decoded.userid) {
            resolve(decoded.userid);
          } else {
            resolve(null);
            ctx.status = 401;
            ctx.body = { ok: false, msg: 'need login', authfail: true };
            await next();
          }
        });
      });
    } else {
      ctx.status = 401;
      ctx.body = { ok: false, msg: 'need login', authfail: true };
      await next();
    }
  } else {
    ctx.status = 401;
    ctx.body = { ok: false, msg: 'need login', authfail: true };
    await next();
  }
};

/**
 * 检查后台接口的token值是否有效（必须拥有当前权限，并且identity为2）如果有效则返回true，否则报相应的错误
 * @param {Object} ctx
 * @param {Object} next
 * @param {String} permission 权限名称
 */
export const checkAdminToken = async (ctx, next, permission) => {
  if (ctx.header.authorization) {
    let token = ctx.header.authorization.split(' ')[1];
    if (token) {
      return new Promise(resolve => {
        jwt.verify(token, JWT_SECRET, async function (err, decoded) {
          if (err) {
            console.log(err);
            ctx.status = 401;
            ctx.body = { ok: false, msg: ' 您尚未登录', err: err };
            await next();
            resolve(null);
            return;
          }
          if (decoded && decoded.userid) {
            // 权限判断
            let user = await User.findById(decoded.userid, 'identity permission');
            let access = user.permission.some(item => {
              return item === permission;
            });
            // test
            access = true;
            if (access && user.identity === 2) {
              resolve(decoded);
            } else {
              resolve(null);
              ctx.status = 403;
              ctx.body = { ok: false, msg: '您没有该权限' };
              await next();
            }
          } else {
            resolve(null);
            ctx.status = 401;
            ctx.body = { ok: false, msg: ' 您尚未登录' };
            await next();
          }
        });
      });
    } else {
      ctx.status = 401;
      ctx.body = { ok: false, msg: ' 您尚未登录' };
      await next();
    }
  } else {
    ctx.status = 401;
    ctx.body = { ok: false, msg: ' 您尚未登录' };
    await next();
  }
};
